[7147] in bugtraq
Re: Serious Linux 2.0.34 security problem
daemon@ATHENA.MIT.EDU (Alan Cox)
Thu Jul 2 11:35:23 1998
Date: Wed, 1 Jul 1998 17:07:15 +0100
Reply-To: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
X-To: deraadt@CVS.OPENBSD.ORG
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199806301846.MAA01485@cvs.openbsd.org> from "Theo de Raadt" at
Jun 30, 98 12:46:56 pm
> > fcntl(0,F_SETOWN,p);
> > s = fcntl(0,F_GETFL,0);
> > fcntl(0,F_SETFL,s|O_ASYNC);
> > printf("Sending SIGIO - press enter.\n");
> > getchar();
> > fcntl(0,F_SETFL,s&~O_ASYNC);
> > printf("SIGIO send attempted.\n");
> > return 0;
> > }
>
> Well, that looks like one of the class of security problems described
> by www.openbsd.org/advisories/signals. Hasn't anyone else fixed those
> problems yet?
Of course Theo if you actually bothered to look back at the Linux sources
you'd see thats an error that crept in and we had SIGIO right way before
the old advisories that predate OpenBSD.
Alan
